Today, when I switched from Google's SMS-based 2-step verification to the
Android-based version, I discovered that there exists an
open-source version of
Google's HMAC-based One Time Password (HOTP) implementation. Better yet,
it includes a PAM module that can be incorporated into PAM and thus SSH.